Andariel, affiliated with North Korea's Lazarus Group, strikes with EarlyRat #malware exploiting Log4j vulnerability.

Learn how they compromise systems: https://thehackernews.com/2023/06/north-korean-hacker-group-andariel.html

⚠️ Attention Android users!

Fluhorse has evolved and become more sophisticated. It conceals its encrypted payload and listens to your SMS messages.

Read details: https://thehackernews.com/2023/06/fluhorse-flutter-based-android-malware.html

Iranian state-sponsored group, MuddyWater, deploys new PhonyC2 framework in targeted cyber attacks. New findings reveal connections to Technion breach and ongoing PaperCut server exploitation.

Details: https://thehackernews.com/2023/06/from-muddyc3-to-phonyc2-irans.html

⚡ Attention all software developers and programmers! MITRE's Top 25 list of dangerous software weaknesses for 2023 is here.

Discover the crucial mistakes to avoid early in your product development process:

https://thehackernews.com/2023/06/mitre-unveils-top-25-most-dangerous.html

Build secure software from the ground up!

Beware of proxyjacking! Vulnerable SSH servers are under attack in a financially motivated campaign, covertly ensnaring them into a proxy network.

Read details: https://thehackernews.com/2023/06/cybercriminals-hijacking-vulnerable-ssh.html

Discover how threat actors exploit unused bandwidth to run services and monetize it.

💪 WhatsApp rolls out an upgrade to its proxy feature! Share more than just texts - a step towards countering internet 🚫 censorship.

Learn more: https://thehackernews.com/2023/06/whatsapp-upgrades-proxy-feature-against.html

North Korea's BlueNoroff, part of Lazarus Group, has upgraded their macOS #malware, Rustbucket, to avoid detection and persist longer.

Find out more here👉 https://thehackernews.com/2023/07/beware-new-rustbucket-malware-variant.html

BlackCat ransomware now spreading via malvertising! Watch out for rogue installers disguised as legitimate apps like WinSCP.

Learn more: https://thehackernews.com/2023/07/blackcat-operators-distributing.html

Your crypto wallet, your secrets, even your games – NOTHING is safe from Meduza Stealer.

Discover how this crimeware stays ahead of the game. https://thehackernews.com/2023/07/evasive-meduza-stealer-targets-19.html

📣 ALERT: CISA flags 8 severe vulnerabilities currently exploited in the wild - 6 affecting Samsung phones and 2 in D-Link devices.

Full info here 👉 https://thehackernews.com/2023/07/cisa-flags-8-actively-exploited-flaws.html

🚨 Critical Alert! Over 330,000 FortiGate firewalls are still vulnerable to the critical CVE-2023-27997 RCE exploit!

Don't be a sitting duck, PATCH NOW!

Learn more: https://thehackernews.com/2023/07/alert-330000-fortigate-firewalls-still.html

Neo_Net, a Mexican e-crime actor, is behind an Android malware campaign that's stolen €350,000+ and compromised PII data.

Read details: https://thehackernews.com/2023/07/mexico-based-hacker-targets-global.html

Don't be fooled by the façade - ensure your banking app is legit!

DDoSia attack tool gets an upgrade! Now conceals target lists with new encryption methods.

Learn more: https://thehackernews.com/2023/07/ddosia-attack-tool-evolves-with.html

🔔 Attention companies: the Swedish watchdog warns against using Google Analytics over Data Protection risks linked to U.S. surveillance.

Learn the full story here: https://thehackernews.com/2023/07/swedish-data-protection-authority-warns.html

Meta's Instagram Threads, poised as the next Twitter rival, hits a roadblock in Europe over privacy concerns.

Why? The app's extensive user data collection may not comply with EU's strict privacy standards.

Learn more: https://thehackernews.com/2023/07/instagrams-twitter-alternative-threads.html

🔥Developers, beware! npm packages are vulnerable to "manifest confusion."

This could serve as a backdoor for malicious code, hiding in your project dependencies, potentially triggering a dreaded supply chain attack.

Learn more: https://thehackernews.com/2023/07/nodejs-users-beware-manifest-confusion.html

⚡ Discover the power of automated IoT security testing with BugProve firmware analysis tool.

✅ Detects zero-day vulnerabilities
✅ Monitors emerging threats
✅ Compliance support
✅ Remediation recommendations

Try it for FREE https://thn.news/firmware-analysis-tool
Get 50% OFF - Limited time offer: https://thn.news/BugProve

RedEnergy, a sophisticated stealer-as-a-ransomware threat, is targeting energy utilities, oil, gas, telecom, and machinery sectors, using LinkedIn pages to deceive and compromise valuable information.

Learn more about this cyberattack: https://thehackernews.com/2023/07/redenergy-stealer-as-ransomware-threat.html

Suspected leader of OPERA1ER hacking crew, responsible for $11 Million+ in theft, has been arrested in an international operation.

Learn more here: https://thehackernews.com/2023/07/interpol-nabs-hacking-crew-opera1ers.html

A potentially massive cyberattack campaign is targeting cloud-native environments. Researchers unearthed an aggressive worm exploiting JupyterLab and Docker APIs. It deploys Tsunami malware and hijacks resources.

Read: https://thehackernews.com/2023/07/silentbob-campaign-cloud-native.html

Is your organization eligible for cyber insurance?

Discover the crucial role of regular penetration testing in assessing your cybersecurity risk profile.

Learn more: https://thehackernews.com/2023/07/how-pen-testing-can-soften-blow-on.html